Muokkaa

Jaa


Quickstart: Create an Azure Route Server using the Azure CLI

In this quickstart, you learn how to create an Azure Route Server to peer with a network virtual appliance (NVA) in your virtual network using the Azure CLI.

Diagram of Route Server deployment environment using the Azure CLI.

Important

Azure Route Servers created before November 1, 2021, that don't have a public IP address associated, are deployed with the public preview offering. The public preview offering is not backed by General Availability SLA and support. To deploy Azure Route Server with the General Availability offering, and to achieve General Availability SLA and support, please delete and recreate your Route Server.

Prerequisites

  • An Azure account with an active subscription. Create an account for free.

  • Review the service limits for Azure Route Server.

  • Azure Cloud Shell or Azure CLI.

    The steps in this article run the Azure CLI commands interactively in Azure Cloud Shell. To run the commands in the Cloud Shell, select Open Cloud Shell at the upper-right corner of a code block. Select Copy to copy the code, and paste it into Cloud Shell to run it. You can also run the Cloud Shell from within the Azure portal.

    You can also install Azure CLI locally to run the commands. If you run Azure CLI locally, sign in to Azure using the az login command.

Create a route server

In this section, you create a route server. Prior to creating the route server, create a resource group to host all resources including the route server. You'll also need to create a virtual network with a dedicated subnet for the route server.

  1. Create a resource group using az group create command. The following example creates a resource group named RouteServerRG in the WestUS region:

    # Create a resource group.
    az group create --name 'RouteServerRG' --location 'westus'
    
  2. Create a virtual network using az network vnet create command. The following example creates a default virtual network named myRouteServerVNet in the WestUS region with RouteServerSubnet subnet. The route server requires a dedicated subnet named RouteServerSubnet. The subnet size has to be at least /27 or shorter prefix (such as /26 or /25) or you'll receive an error message when deploying the route server.

    # Create a virtual network and a route server subnet. 
    az network vnet create --resource-group 'RouteServerRG' --name 'myRouteServerVNet' --subnet-name 'RouteServerSubnet' --subnet-prefixes '10.0.1.0/27'
    # Place the subnet ID into a variable.
    subnetId=$(az network vnet subnet show --name 'RouteServerSubnet' --resource-group 'RouteServerRG' --vnet-name 'myRouteServerVNet' --query id -o tsv)
    
  3. To ensure connectivity to the backend service that manages Route Server configuration, assigning a public IP address is required. Create a Standard Public IP named RouteServerIP using az network public-ip create command.

    # Create a Standard public IP.
    az network public-ip create --resource-group 'RouteServerRG' --name 'RouteServerIP' --sku Standard --version 'IPv4'
    
  4. Create the route server using az network routeserver create command. The following example creates a route server named myRouteServer in the WestUS region. The HostedSubnet is the resource ID of the RouteServerSubnet created in the previous steps.

    # Create the route server.
    az network routeserver create --name 'myRouteServer' --resource-group 'RouteServerRG' --hosted-subnet $subnetId --public-ip-address 'RouteServerIP'
    

    Note

    The deployment of the Route Server can take up to 30 minutes.

Set up peering with NVA

In this section, you learn how to configure BGP peering with a network virtual appliance (NVA). Use az network routeserver peering create command to establish BGP peering from the route server to your NVA. The following example adds a peer named myNVA that has an IP address of 10.0.0.4 and an ASN of 65001. For more information, see What Autonomous System Numbers (ASNs) can I use?

# Add a peer.
az network routeserver peering create --name 'myNVA' --peer-ip '10.0.0.4' --peer-asn '65001' --routeserver 'myRouteServer' --resource-group 'RouteServerRG'

Complete the configuration on the NVA

To complete the peering setup, you must configure the NVA to establish a BGP session with the route server's peer IPs and ASN. Use az network routeserver show command to get the IP and ASN of the route server.

# Get the route server details.
az network routeserver show --resource-group 'RouteServerRG' --name 'myRouteServer'

The output should look similar to the following example:

{
  "allowBranchToBranchTraffic": false,
  "etag": "W/\"aaaa0000-bb11-2222-33cc-444444dddddd\"",
  "hubRoutingPreference": "ExpressRoute",
  "id": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/RouteServerRG/providers/Microsoft.Network/virtualHubs/myRouteServer",
  "kind": "RouteServer",
  "location": "westus",
  "name": "myRouteServer",
  "provisioningState": "Succeeded",
  "resourceGroup": "RouteServerRG",
  "routeTable": {
    "routes": []
  },
  "routingState": "Provisioned",
  "sku": "Standard",
  "type": "Microsoft.Network/virtualHubs",
  "virtualHubRouteTableV2s": [],
  "virtualRouterAsn": 65515,
  "virtualRouterAutoScaleConfiguration": {
    "minCapacity": 2
  },
  "virtualRouterIps": [
    "10.0.1.4",
    "10.0.1.5"
  ]
}

Important

We recommend peering each NVA with both route server instances to ensure that virtual network routes are advertised over the NVA connections and achieve high availability.

Clean up resources

When no longer needed, delete the resource group and all of the resources it contains using az group delete command.

# Delete the resource group and all the resources it contains. 
az group delete --name 'RouteServerRG' --yes --no-wait

Next step